Merge "selinux: New aocx service" into main
This commit is contained in:
Bruce Po
Android (Google) Code Review
commit
45f2bdb98b
8 changed files with 39 additions and 5 deletions
|
|
@ -1,7 +1,8 @@
|
|||
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/aoc/sepolicy
|
||||
|
||||
PRODUCT_PACKAGES += dump_aoc \
|
||||
aocd
|
||||
aocd \
|
||||
aocxd
|
||||
|
||||
ifeq (,$(filter aosp_%,$(TARGET_PRODUCT)))
|
||||
# IAudioMetricExt HIDL
|
||||
|
|
@ -23,4 +24,5 @@ PRODUCT_PACKAGES_DEBUG += \
|
|||
aocdump \
|
||||
aocutil \
|
||||
aoc_audio_cfg \
|
||||
vp_util
|
||||
vp_util \
|
||||
aocx_tool
|
||||
|
|
|
|||
25
aoc/sepolicy/aocxd.te
Normal file
25
aoc/sepolicy/aocxd.te
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
# aocxd server domain
|
||||
type aocxd, domain;
|
||||
type aocxd_exec, vendor_file_type, exec_type, file_type;
|
||||
init_daemon_domain(aocxd)
|
||||
|
||||
# sysfs operations
|
||||
allow aocxd sysfs_aoc:dir search;
|
||||
|
||||
# dev operations
|
||||
allow aocxd aoc_device:chr_file rw_file_perms;
|
||||
|
||||
# allow inotify to watch for additions/removals from /dev
|
||||
allow aocxd device:dir r_dir_perms;
|
||||
|
||||
# set properties
|
||||
set_prop(aocxd, vendor_aoc_prop);
|
||||
|
||||
# allow binder access
|
||||
vndbinder_use(aocxd);
|
||||
|
||||
# allow managing wakelocks
|
||||
wakelock_use(aocxd);
|
||||
|
||||
# add aocx service to the domain
|
||||
add_service(aocxd, aocx);
|
||||
|
|
@ -27,11 +27,13 @@
|
|||
/dev/acd-audio_ap_offload_rx u:object_r:aoc_device:s0
|
||||
/dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0
|
||||
/dev/acd-mel_processor u:object_r:aoc_device:s0
|
||||
/dev/acd-aocx_control u:object_r:aoc_device:s0
|
||||
|
||||
# AoC vendor binaries
|
||||
/vendor/bin/aocd u:object_r:aocd_exec:s0
|
||||
/vendor/bin/aocdump u:object_r:aocdump_exec:s0
|
||||
/vendor/bin/dump/dump_aoc u:object_r:dump_aoc_exec:s0
|
||||
/vendor/bin/aocxd u:object_r:aocxd_exec:s0
|
||||
|
||||
# AoC audio files
|
||||
/vendor/etc/aoc(/.*)? u:object_r:aoc_audio_file:s0
|
||||
|
|
|
|||
1
aoc/sepolicy/vndservice.te
Normal file
1
aoc/sepolicy/vndservice.te
Normal file
|
|
@ -0,0 +1 @@
|
|||
type aocx, vndservice_manager_type;
|
||||
1
aoc/sepolicy/vndservice_contexts
Normal file
1
aoc/sepolicy/vndservice_contexts
Normal file
|
|
@ -0,0 +1 @@
|
|||
aocx.IAocx u:object_r:aocx:s0
|
||||
|
|
@ -1,3 +1,3 @@
|
|||
# Audio
|
||||
type hal_audio_ext_service, hal_service_type, service_manager_type;
|
||||
type hal_audio_parameter_parser_service, service_manager_type;
|
||||
type hal_audio_parameter_parser_service, service_manager_type;
|
||||
|
|
@ -1,4 +1,3 @@
|
|||
# Audio
|
||||
vendor.google.whitechapel.audio.extension.IAudioExtension/default u:object_r:hal_audio_ext_service:s0
|
||||
android.media.audio.IHalAdapterVendorExtension/default u:object_r:hal_audio_parameter_parser_service:s0
|
||||
|
||||
android.media.audio.IHalAdapterVendorExtension/default u:object_r:hal_audio_parameter_parser_service:s0
|
||||
|
|
@ -34,3 +34,7 @@ userdebug_or_eng(`
|
|||
')
|
||||
|
||||
wakelock_use(hal_audio_default);
|
||||
|
||||
vndbinder_use(hal_audio_default);
|
||||
allow hal_audio_default aocx:service_manager find;
|
||||
binder_call(hal_audio_default, aocxd);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue